Kloxo FTP On OpenVZ with CSF

jika ada yang pernah ngalamin mempunyai VPS Virtuozo based yang di install kloxo, trus di kasi CSF, ftp server tidak bisa diakses. (baik pure-ftp atau proftpd)

untuk solving tipnya :

cek di dokumentasi csf nya di bagian ini :

13. A note about FTP Connection Issues
######################################

It is important when using an SPI firewall to ensure FTP client applications
are configured to use Passive (PASV) mode connections to the server.

On servers running Monolithic kernels (e.g. VPS Virtuozzo/OpenVZ and custom
built kernels) ip_conntrack and ip_conntrack_ftp iptables kernel modules may
not be available or fully functional. If this happens, FTP passive mode (PASV)
won't work. In such circumstances you will have to open a hole in your firewall
and configure the FTP server to use that same hole.

For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd:
PassivePortRange 30000 35000

For example, with proftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/proftpd.conf and then restart proftpd:
PassivePorts 30000 35000

FTP over SSL/TLS will usually fail when using an SPI firewall. This is because
of the way the FTP protocol established a connection between client and server.
iptables fails to establish a related connection when using FTP over SSL
because the FTP control connection is encrypted and so cannot track the
relationship between the connection and the allocation of an ephemeral port.

If you need to use FTP over SSL, you will have to open up a passive port block
in both csf and your FTP server configuration (see above).

Perversely, this makes your firewall less secure, while trying to make FTP
connections more secure.

kemudian caranya :
untuk pure-ftpd, edit file pure-ftpd.conf (letak file biasanya di etc/ ), kemudian aktifkan line ini :
PassivePortRange 30000 35000

untuk proftpd :
edit file proftpd.conf, dan tambahkan sintak berikut :
PassivePorts 30000 35000

kemudian aktifkan di csf firewallnya :
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,30000:35000"

kemudian reboot